IoT News and analysis

As clouds gather in the public and private sectors, the Internet of Things (IoT) – and all the devices it brings – has organized into a hurricane-sized force that challenges evolving security strategies. Earlier this year, researchers developed a Stuxnet-like malware proof-of-concept attack which they claimed could infiltrate critical infrastructure and potentially disrupt the power…

Researchers have discovered yet another Internet of Things botnet derived from Mirai — but instead of conducting DDoS attacks or cryptomining like most variants, this one’s core functionality is exfiltrating information and executing malicious commands. Making matters worse, the malware’s potential target list is unusually large, considering that it supports attacks against a variety of…

Both the federal government and Internet of Things manufacturers are facing key challenges and opportunities in regards to implementing secure Public Key Infrastructure practices for digital certificate management and encryption, according to a pair of newly published research reports. The first report, from machine identity protection company Venafi, reveals data compiled from a survey of 100 federal…

Three young men who developed and deployed the original Mirai IoT botnet malware were sentenced on Tuesday in an Alaskan federal court to five years probation – a lenient punishment earned through extensive cooperation with FBI on other cyber investigations. Paras Jha, 22, of Fanwood, N.J.; Josiah White, 21, of Washington, Penn.; and Dalton Norman,…

The personal email accounts of senators and their aides are in the crosshairs of nation-state hackers, Sen. Ron Wyden, D-Ore., warned Senate leaders in a letter that took the body’s security office to task for failing to safeguard them. Noting that “at least one major technology company” had notified some senators and their aides that…

There’s an odd new addition to the extended family of Mirai-inspired IoT botnets, and so far its only obvious victim is a competing botnet whose malware is targeted for removal from any infected devices. Dubbed Fbot, the malware is also unusual because rather than using standard DNS to communicate with the command-and-control server, it instead…

The incredible advancements that have turned what were once standalone pieces of medical equipment into IoT devices do enable better care for patients, but at the same time open these devices up to cyberattacks, warned the National Institute of Standards and Technology (NIST), working with the National Cybersecurity Center of Excellence (NCCoE), in a new report.